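Technical Information
Note: the '#' characters in the host names and addresses below are masking, not literal characters (compare 're#####r1.opendns.com' with the unmasked 'resolver1.opendns.com' in the nslookup command line), so the masked strings cannot be used as indicators as-is. The list carries no category headings for file activity, network activity or launched processes; the repeated paths presumably come from different, unlabelled categories.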
- <Full path to file>
- %TEMP%\sysdump.exe
- %TEMP%\setup.bat
- %TEMP%\.tmp\google_login_data
- %TEMP%\offset.json
- %TEMP%\.tmp\google_login_data
- %TEMP%\offset.json
- %TEMP%\sysdump.exe
- %TEMP%\setup.bat
- 'sm##.gmail.com':465
- DNS ASK re#####r1.opendns.com
- DNS ASK 22#.###.67.208.in-addr.arpa
- DNS ASK my##.#pendns.com
- DNS ASK sm##.gmail.com
- DNS ASK go##le.nl
- '%TEMP%\sysdump.exe'
- '<SYSTEM32>\cmd.exe' /C "START setup.bat"
- '<SYSTEM32>\cmd.exe' /K setup.bat
- '<SYSTEM32>\cmd.exe' /C whoami
- '<SYSTEM32>\whoami.exe'
- '<SYSTEM32>\cmd.exe' /C "nslookup myip.opendns.com resolver1.opendns.com"
- '<SYSTEM32>\nslookup.exe' myip.opendns.com resolver1.opendns.com
- '<SYSTEM32>\cmd.exe' /C "echo %date% %time%"
- '<SYSTEM32>\cmd.exe' /C "Ping www.go##le.nl -n 1 -w 1000"
- '<SYSTEM32>\ping.exe' www.go##le.nl -n 1 -w 1000